OpenSSH 5.6 Released into the Wild

OpenSSH or OpenBSD Secure Shell got an update to 5.6. The project features a slew of new features and bug fixes, but maintains compatibility with SSH protocol 1.3, 1.5, and 2.0.

New to 5.6 is a ControlPersist option to ssh_config, which automatically launches a background ssh multiplex master during connection. SSH now logs hostname and address concted to LogLevel=verbose after a successful authentication. This is done to manage phishing attacks by servers with trusted keys that accept authentication silently and automatically before presenting falsified password/passphrase prompts.

5.6 also allows ssh-keygent to import and export PEM and PKCS#8 keys. Debug messages can be queued, and remote forwarding with dynamic port allocation. SSHd now supports indirection in matching principal names listed in certificates.